8/11/2019 Survey of Management of Phr by Secure Cipher Text Policy Attribute Based Encryption Scheme

1/3

INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 3, ISSUE 4, APRIL 2014 ISSN 2277-8616

306IJSTR2014www.ijstr.org

Survey Of Management Of PHR By Secure CipherText Policy Attribute Based Encryption Scheme

Abel Joy, Akhila H, Annie Chacko

Abstract: The PHR enables patients to manage their medical records in a centralized way which greatly facilitate the storage, access and sharing ofpersonal health data. These details are locked by a central server in the hospital. But the security over the data is loosed while the data is sent to arequester. In this paper, we describe a new scheme for the secure data handling. The CP-ABE scheme is used for this purpose. In this scheme eachusers private key is associated with set of attribute representing these capabilities and an encrypted cipher text such that only users whose attributesatisfy a certain policy can decrypt.

Index Terms: Cipher text Policy Attribute Based Encryption, Identity Based Encryption, Public Key Infrastructure,Personal Health Record Trusted ThirdPart

1 INTRODUCTION

There are number of access control mechanisms are availableto outsourcing data to a third party. But the traditionalencryption techniques are not suitable to be used in thisscenario. Because the security over the data is loosed when

the data is sent to a requester. So this can be overcome byusing the technique CP-ABE. This paper presents a newapproach for secure management of personal health recordswhich are stored and shared from an un-trusted web server.The CP-ABE scheme has shown to be more useful in ahealthcare setting since the access policy is enforced byvirtually associating the access control policy to the protecteddata. This removes the need for involving a trusted entitywhich has to enforce access policies. The proposed schemeallows patients to encrypt the data according to an accesspolicy over a set of attributes issued by two trusted authorities.The scheme does not require the presence of a centralauthority to coordinate the work of the trusted authorities. Apossible future work is to formally provide a security proof for

the proposed scheme.

2. SURVEY

2.1. ATTRIBUTE BASED ENCRYPTION

Traditionally, this type of expressive access control is enforcedby employing a trusted server to store data locally. The serve

is entrusted as a reference monitor that checks that a usepresents proper certification before allowing him to accessrecords or files. However, services are increasingly storingdata in a distributed fashion across many servers. Replicatingdata across several locations has advantages in bothperformance and reliability. The main disadvantage of thisscheme is regarding the security; when data is stored atdifferent and several locations, the chances that one of themhas been compromised increases dramatically. For thesereasons we would like to require that sensitive data is stored inan encrypted form so that it will remain private even if a serveris compromised. Most existing public key encryption methodsallow a party to encrypt data, but are unable to efficientlyhandle more expressive types of encrypted access control. In

our system, a users private key will be associated withnumber of attributes expressed as strings. On the other handwhen a user encrypts a message in our system, they specifyan associated access structure over attributes. A user will onlybe able to decrypt a cipher text if that users attributes passthrough the cipher texts access structure. At a mathematicalevel, access structures in our system are described by amonotonic access tree, where nodes of the access structureare composed of threshold gates and the leaves describeattributes. In the work of, collusion resistance is insured byusing a secret-sharing scheme and embedding independentlychosen secret shares into each private key. Because of theindependence used in each invocation of the secret sharingscheme, collusion-resistance follows. In our scenario, users

private keys are associated with sets of attributes instead ofaccess structures over them, and so secret sharing schemesdo not apply. Instead, we devise a novel private keyrandomization technique that uses a new two-level randommasking methodology. This methodology makes use of groupswith efficiently computable bilinear maps, and it is the key toour security proof, which we give in the generic bilinear groupmodel.

2.2 PUBIC-KEY CRYPTOGRAPHY

It is an asymmetric scheme that uses a pair of keys forencryption - a private key which is kept secret and a public keywhich is widely distributed. In a Public-Key Infrastructure (PKI)a public key must be obtained from, or the Trusted Third Party

_______________________________

Abel Joy is currently pursuing BTech Degree inComputer Science and engineering in Mahathma

Gandhi university kottayam,India,PH-9895219874

E-mail:abeljoydasan@gmail.com

Akhila H is currently pursuing BTech Degree in

Computer Science and engineering in Mahathma

Gandhi university kottayam, India, PH-9961285288.

E-mail:akhilah81@yahoo.in

Annie Chacko currently working as assistant professor

in Computer Science and Engineering department in

MBCCET,Peermede,Idukki,PH-,9497791233

E-mail:nnievargh@gmail.com

mailto:abeljoydasan@gmail.commailto:abeljoydasan@gmail.commailto:abeljoydasan@gmail.commailto:akhilah81@yahoo.inmailto:akhilah81@yahoo.inmailto:akhilah81@yahoo.inmailto:nnievargh@gmail.commailto:nnievargh@gmail.commailto:nnievargh@gmail.commailto:nnievargh@gmail.commailto:akhilah81@yahoo.inmailto:abeljoydasan@gmail.com

8/11/2019 Survey of Management of Phr by Secure Cipher Text Policy Attribute Based Encryption Scheme

2/3

INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 3, ISSUE 4, APRIL 2014 ISSN 2277-8616

307IJSTR2014www.ijstr.org

(TTP) of the PKI. In Identity-Based Encryption (IBE) any stringcan be used to generate a public key without involvement ofthe TTP thus creates a degree of flexibility that a PKI cannotoffer. Public-Key encryption is a most powerful mechanism forprotecting the confidentiality of both stored and transmittedinformation. Traditionally, encryption is used for a user to sharedata to another user or any device.But in this method thesender knows the credentials of the receiver. In particular, they

proposed two complementary forms of ABE. In the first, Key-Policy ABE, attributes are used to interpret the cipher texts andformulas over these attributes are credited to users' secretkeys. The second type, Ciphertext-Policy ABE uses attributesto describe users credentials and this is used by the encryptorfor cipher text.

2.3CIPHERTEXT POLICY ATTRIBUTE BASED

ENCRYPTION WITH REVOCATION

Revocation is a vital open problem in almost everycryptosystem dealing with malicious behaviors. In cipher textpolicy attribute based encryption, different users may hold thesame functional secret keys related with the same attribute setleading to additional difficulties in designing revocation

mechanism. This scheme uses linear secret sharing andbinary tree techniques as the underlying tools. Along with theattribute sets each user is also assigned with a uniqueidentifier so, the user can be easily access the data orinformation very easily. . There are some difficulties occurredin this scheme while considering the following conditions:-first,problem occurs while associating user secret keys withdifferent sets of attributes instead of individual characteristics;second, users individuality are taken place by severalcommon attributes, and thus revocation on attributes orattribute sets cannot accurately exclude the users withmisbehaviors; third, the system must be secure againstcollusion attack from revoked users even though they sharesome common attributes with non-revoked users.

2.4CIPHERTEXT POLICY ATTRIBUTE BASED

ENCRYPTION ON BOUNDED SIZE

This Cipher text Policy Attribute Based Encryption schememainly based on number of theoretic assumptions andsupporting advanced access structures. The earlier schemessupport only the limited access structures. But in this schemethe access structures are represented by a bounded sizeaccess tree with threshold gates as its nodes. The size of theaccess tree is chosen at time of system setup and the securityis handled by standard Decisional Bilinear Diffie-Hellmanassumption. The main condition is that any access treesatisfying the upper bounds on the size can be dynamicallychosen by the encryptor. In this technique we introduce many

copies of each attribute for every position in the accessstructure tree where it can occur. This set of programsincludes four command line tools performing variousoperations:

Setup-which generates public parameter and amaster key given a security parameter and accessbound.

Key generation-which takes as input a set of

attributes and outputs a decryption key. Encrypt-which takes as input a plain text and a

bounded access policy, and generate thecorresponding ciphertext.

Decrypt- the input is ciphertext produce the plaintexby using key. The plaintext is correct if and only if theattributes satisfies the access policy.

3. FIELD OF APPLICATIONS

The public key encryption method was the most traditionamethod applied to the PHR for the security of the data. But itmade the high key-management problems and also this

method was very less scalable. The user revocation or breakglass access and other advanced techniques were notpossible with these one-to-one. The attributes can define anobject very efficiently just as the identity of an object worksThe attribute based encryption provides the security to thedatabase. In this system both the cipher text and secret keywill be associated with the attributes. The user who is having aminimum number of attributes only can decrypt the data. Sowhile applying this method the owner doesnt want to knowabout the entire list of users instead of that they can encryptthe data according to some attributes only. Using ABE, accesspolicies expressed based on the attributes of user data whichenable the patient to selectively share the PHR among a set ousers by encrypting the file under a set of attributes, and so

the owner dont want to know the complete list of users.Itprovides data confidentiality and write access control. But theon-demand user revocation and other techniques were noadaptable with this encryption method. In the revocationtechnique we use a unique identifier. By using the ciphertexpolicy attribute based encryption with revocation scheme inwhich malicious users can be efficiently revoked. Thistechnique uses a linear secret sharing scheme and binary treetechniques. In CP-ABE model, each user is assigned with aunique identifier, this identifier can be later re-randomized, andit does not change. The bounded CP-ABE is based on astandard number theoretic assumption and supportingadvanced access structures. In which uses a bounded sizeaccess tree with threshold gates as node. The bound depends

on the depth, d of the access tree and maximum number ofchildren in each non leaf node, num. The encryptor uses theaccess tree that satisfies the tuple (d, num). The DecisionaBilinear Diffie-Hellmann assumption support non-monotonicaccess policies. In this scheme uses a fixed universal treeaccess structure as CP-ABE scheme. In which each attributeis associated with number of copies and causes a significantincrease in private key size, but it does not affect theciphertext size. The encryption and decryption use thesefeature.

4. CONCLUSION

We created a system for Cipher text-Policy Attribute BasedEncryption. Our system allows for a new type of encryptedaccess control where users private keys are specified by a seof attributes and a party encrypting data can specify a policyover these attributes specifying which users are able todecrypt. Our system allows policies to be expressed as anymonotonic tree access structure and is resistant to collusionattacks in which an attacker might obtain multiple private keysFinally, we provided an implementation of our system, whichincluded several optimization techniques.

8/11/2019 Survey of Management of Phr by Secure Cipher Text Policy Attribute Based Encryption Scheme

3/3

INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 3, ISSUE 4, APRIL 2014 ISSN 2277-8616

308IJSTR2014www.ijstr.org

ACKNOWLEDGMENTS

We would like to thanks all the reference authors for thecompletion of this paper.

REFERENCES

[1]. Amit Sahai UCLA CIPHERTEXT-POLICYATTRIBUTE-BASED ENCRYPTION, JohnBethencourt Carnegie Mellon University,Brent Waters,

SRI International.

[2]. Luan Ibraimi, Qiang Tang, Pieter Hartel, WillemJonker,EFFICIENT AND PROVABLE SECURECIPHER TEXT-POLICY ATTRIBUTE-BASEDENCRYPTION SCHEMES, Faculty of EWI, Universityof Twente, the Netherlands, Philips Research, theNetherla

[3]. Xiaohui Liang, Rongxing Lu, Xiaodong Lin, andXuemin (Sherman) Shen, CIPHERTEXT POLICYATTRIBUTE BASED ENCRYPTION WITH POLICYATTRIBUTE BASED ENCRYPTION WITHEFFICIENT REVOCATION, Department of Electrical

and Computer Engineering, University ofWaterloo,Canada Faculty of Business and InformationTechnology, University of Ontario Institute ofTechnology, Canada

[4]. Vipul Goyal, Abhishek Jain, Omkant Pandey, and AmitSahai, BOUNDED CIPHER TEXT POLICYATTRIBUTE BASED ENCRYPTION, Department ofComputer Science,UCLA